Possible keyloggers without implementing a keyboard in android

Abstract

Like the main input way to introduce information in the majority mobile devices nowadays is the screen, it is the main source where a malware could get private information. A keylogger, in this way could obtain private information. Researches of this type of malware until this moment are focused on the Android architecture application layer, leaving aside the other layers, so a keylogger could also be implemented in another layer and only use the application layer like the insertion method. An analysis of the data flow when a key is pressed on the screen is presented, from the system call by an interruption caused by hardware, the methods involved in this flow and possible generated logs and related files, performing an experimentation procedure to extract information about the keys pressed in order to determine which points can be used to get private information without the necessity of implement a third-party keyboard.